(aka valiDNS lite – short for validate DNS lite)
Author: projectfong
Copyright (c) 2025 Fong
All Rights Reserved
Lightweight, research-focused edition of the validns (aka valiDNS) project.
Preserves audit-grade integrity, and hashing — optimized for personal, academic, and research use.
validns-lite is a controlled, non-commercial build derived from the main validns codebase.
It provides audit logging in a reproducible, dependency-minimized form.
All Docker, web UI, agent, and database layers are intentionally removed to simplify testing, verification, and cybersecurity frameworks audit workflows.
- Timestamped audit logs under
/evidence/ - Secure hashing via
src/security/hashing.py - CLI interface supporting
audit,export, andverifycommands - Version-locked dependencies for reproducible builds
Prereq:
sudo apt install -y python3.10-venv
Setup env and run command
# 1. Initialize environment
python3 -m venv .venv
source .venv/bin/activate
# 2. Install dependencies
pip install -r requirements.txt
# 3. Run CLI
python cli/cli_main.py --helpTest - cli_main.py verify
validns-lite$ python cli/cli_main.py verify nike.com
2025-10-12T07:37:10Z [INFO] Starting verification for nike.com (local mode)
2025-10-12T07:37:11Z [INFO] orchestrator_lite_init evidence_root=/home/projectfong/projects/validns-lite/evidence
2025-10-12T07:37:11Z [INFO] orchestrator TRACE_START success=True
2025-10-12T07:37:11Z [INFO] exec cmd=dig +noall +answer nike.com timeout=30s
2025-10-12T07:37:12Z [INFO] done rc=0 dt=0.958s
2025-10-12T07:37:12Z [INFO] artifact_written file=dig.json
2025-10-12T07:37:12Z [INFO] dns DNS_DONE success=True
2025-10-12T07:37:12Z [INFO] exec cmd=ping -n -c 4 nike.com timeout=30s
2025-10-12T07:37:15Z [INFO] done rc=0 dt=3.045s
2025-10-12T07:37:15Z [INFO] artifact_written file=ping.json
2025-10-12T07:37:15Z [INFO] ping PING_DONE success=True
2025-10-12T07:37:15Z [INFO] exec cmd=tracepath -n nike.com timeout=30s
2025-10-12T07:37:45Z [ERROR] timeout cmd=tracepath -n nike.com after=30s
2025-10-12T07:37:45Z [INFO] artifact_written file=traceroute.json
2025-10-12T07:37:45Z [INFO] traceroute TRACE_DONE success=False
2025-10-12T07:37:45Z [INFO] summary_skipped_no_backend
2025-10-12T07:37:45Z [INFO] summarizer SUMMARY_SKIPPED success=True
2025-10-12T07:37:45Z [INFO] orchestrator TRACE_COMPLETE success=True
2025-10-12T07:37:45Z [OK] Trace complete: bd903f38-4c46-467b-8bc0-b5baa97ba7ff
validns-lite result snapshot: nike.com
┏━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Key ┃ Value ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ trace_id │ bd903f38-4c46-467b-8bc0-b5baa97ba7ff │
│ target │ nike.com │
│ avg_rtt_ms │ 7.438 │
│ hops_mode │ tracepath │
│ evidence_dir │ /home/projectfong/projects/validns-lite/evidence/bd903f38-4c46-467b-8bc0-b5baa97ba7ff │
└──────────────┴───────────────────────────────────────────────────────────────────────────────────────┘
Test - cli_main.py audit
validns-lite$ python cli/cli_main.py audit bd903f38-4c46-467b-8bc0-b5baa97ba7ff
audit ledger: bd903f38-4c46-467b-8bc0-b5baa97ba7ff
┏━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ ts ┃ actor ┃ action ┃ success ┃ err ┃
┡━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ 2025-10-12T07:37:11Z │ orchestrator │ TRACE_START │ True │ None │
│ 2025-10-12T07:37:12Z │ dns │ DNS_DONE │ True │ None │
│ 2025-10-12T07:37:15Z │ ping │ PING_DONE │ True │ None │
│ 2025-10-12T07:37:45Z │ traceroute │ TRACE_DONE │ False │ Command '['tracepath', '-n', 'nike.com']' timed out after 30 seconds │
│ 2025-10-12T07:37:45Z │ summarizer │ SUMMARY_SKIPPED │ True │ None │
│ 2025-10-12T07:37:45Z │ orchestrator │ TRACE_COMPLETE │ True │ None │
└──────────────────────┴──────────────┴─────────────────┴─────────┴──────────────────────────────────────────────────────────────────────┘
Test - cli_main.py export
validns-lite$ python cli/cli_main.py export bd903f38-4c46-467b-8bc0-b5baa97ba7ff
2025-10-12T07:41:26Z [INFO] Creating archive: /home/projectfong/projects/validns-lite/evidence/bd903f38-4c46-467b-8bc0-b5baa97ba7ff.tar.gz
2025-10-12T07:41:26Z [OK] Exported evidence archive: /home/projectfong/projects/validns-lite/evidence/bd903f38-4c46-467b-8bc0-b5baa97ba7ff.tar.gz
All logs and outputs are written to /evidence/ with UTC timestamps for traceability.
cli/ CLI entry (cli_main.py) and config.yaml
src/ Core runtime and orchestration logic
src/security/ Hashing and trust verification
docs-lite/ Architecture reference
evidence/ Audit and change evidence
- Designed for use in isolated, non-production environments.
- Containers should run as non-root users with restricted network access.
- ICMP and traceroute operations may require elevated privileges (CAP_NET_RAW) during execution.
- No assumptions are made about external system or network security.
- The system does not implement or guarantee real-time protection, threat detection, or enforcement.
All runtime sessions and outputs must be archived under /evidence/.
Each record includes:
- UTC timestamp
- Module or CLI action name
- Result summary and integrity hash
Evidence retention and review cadence depend on local policy or research project scope.
Licensed under the ProjectFong Non-Commercial Research License (PNCRL-1.0) Use permitted only for personal, academic, or research purposes. Commercial or hosted use requires explicit written consent.
| Version | Date | Summary | Author |
|---|---|---|---|
| 1.0.0 | 2025-10-10 | Initial publication of README.md |
projectfong |